[Free] 2018(Jan) EnsurePass Dumpsleader ECCouncil ECSAv8 Dumps with VCE and PDF 101-110

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released ECSAv8
100% Free Download! 100% Pass Guaranteed!

EC-Council Certified Security Analyst (ECSA)

Question No: 101

Which of the following is not a condition specified by Hamel and Prahalad (1990)?

  1. Core competency should be aimed at protecting company interests

  2. Core competency is hard for competitors to imitate

  3. Core competency provides customer benefits

  4. Core competency can be leveraged widely to many products and markets

Answer: A

Reference: http://www.studymode.com/essays/Hamel-Prahalad-Core-Competency- 1228370.html

Question No: 102

Packet filtering firewalls are usually a part of a router. In a packet filtering firewall, each packet is compared to a set of criteria before it is forwarded.

Depending on the packet and the criteria, the firewall can: i)Drop the packet

ii)Forward it or send a message to the originator

Ensurepass 2018 PDF and VCE

At which level of the OSI model do the packet filtering firewalls work?

  1. Application layer

  2. Physical layer

  3. Transport layer

  4. Network layer

Answer: D

Reference: http://books.google.com.pk/books?id=KPjLAyA7HgoCamp;pg=PA208amp;lpg=PA208amp;dq=At whi ch level of the OSI model do the packet filtering firewalls workamp;source=blamp;ots=zRrb cmY3pjamp;sig=I3vuS3VA7r- 3VF8lC6xq_c_r31Mamp;hl=enamp;sa=Xamp;ei=wMcfVMetI8HPaNSRgPgDamp;ved=0CC8Q6AEwAg#v

=onepageamp;q=At which level of the OSI model do the pa cket filtering firewalls workamp;f=false (packet filters)

Question No: 103

Identify the data security measure which defines a principle or state that ensures that an action or transaction cannot be denied.

  1. Availability

  2. Integrity

  3. Authorization

  4. Non-Repudiation

Answer: D

Reference: http://en.wikipedia.org/wiki/Information_security (non-repudiation)

Question No: 104

Which of the following is not a characteristic of a firewall?

  1. Manages public access to private networked resources

  2. Routes packets between the networks

  3. Examines all traffic routed between the two networks to see if it meets certain criteria

  4. Filters only inbound traffic but not outbound traffic

Answer: D

Question No: 105

Which of the following information gathering techniques collects information from an organization’s web-based calendar and email services?

  1. Anonymous Information Gathering

  2. Private Information Gathering

  3. Passive Information Gathering

  4. Active Information Gathering

Answer: D

Reference: http://luizfirmino.blogspot.com/2011/09/footprinting-terminologies.html

Question No: 106

Which of the following external pen testing tests reveals information on price, usernames and passwords, sessions, URL characters, special instructors, encryption used, and web page behaviors?

Ensurepass 2018 PDF and VCE

  1. Check for Directory Consistency and Page Naming Syntax of the Web Pages

  2. Examine Server Side Includes (SSI)

  3. Examine Hidden Fields

  4. Examine E-commerce and Payment Gateways Handled by the Web Server

Answer: C

Reference: http://www.scribd.com/doc/133636402/LPTv4-Module-18-External-Penetration- Testing-NoRestriction (page 71)

Question No: 107

The SnortMain () function begins by associating a set of handlers for the signals, Snort receives. It does this using the signal () function. Which one of the following functions is used as a programspecific signal and the handler for this calls the DropStats() function to output the current Snort statistics?

  1. SIGUSR1




Answer: A

Question No: 108

The objective of social engineering pen testing is to test the strength of human factors in a security chain within the organization. It is often used to raise the level of security awareness among employees.

Ensurepass 2018 PDF and VCE

The tester should demonstrate extreme care and professionalism during a social engineering pen test as it might involve legal issues such as violation of privacy and may result in an embarrassing situation for the organization.

Which of the following methods of attempting social engineering is associated with bribing, handing out gifts, and becoming involved in a personal relationship to befriend someone inside the company?

  1. Accomplice social engineering technique

  2. Identity theft

  3. Dumpster diving

  4. Phishing social engineering technique

Answer: A

Question No: 109

Which of the following is an application alert returned by a web application that helps an attacker guess a valid username?

  1. Invalid username or password

  2. Account username was not found

  3. Incorrect password

  4. Username or password incorrect

Answer: C

Question No: 110

A Demilitarized Zone (DMZ) is a computer host or small network inserted as a “neutral zone” between a company’s private network and the outside public network. Usage of a protocol within a DMZ environment is highly variable based on the specific needs of an organization. Privilege escalation, system is compromised when the code runs under root credentials, and DoS attacks are the basic weakness of which one of the following Protocol?

  1. Lightweight Directory Access Protocol (LDAP)

  2. Simple Network Management Protocol (SNMP)

  3. Telnet

  4. Secure Shell (SSH)

Answer: D

100% Ensurepass Free Download!
Download Free Demo:ECSAv8 Demo PDF
100% Ensurepass Free Guaranteed!
ECSAv8 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.